protected final function CheckAdminInfo($uid = null, $ashell = null) { $this->db = System::load_app_model('admin_model', G_ADMIN_DIR); if ($uid && $ashell) { $CheckId = _encrypt($uid, 'DECODE'); $CheckAshell = _encrypt($ashell, 'DECODE'); } else { $CheckId = _encrypt(_getcookie("AID"), 'DECODE'); $CheckAshell = _encrypt(_getcookie("ASHELL"), 'DECODE'); } if (!$CheckId || !$CheckAshell) { return false; } $info = $this->db->GetOne("SELECT * FROM `@#_admin` WHERE `uid` = '{$CheckId}'"); if (!$info) { return false; } $infoshell = md5($info['username'] . $info['userpass']) . md5($_SERVER['HTTP_USER_AGENT']); if ($infoshell != $CheckAshell) { return false; } if (empty($_SESSION['token']) && $_SESSION['token'] != md5($info['username'] . $info['userpass'])) { return false; } $this->AdminInfo = $info; return true; }
protected final function CheckAdminInfo($uid = null, $ashell = null) { $this->db = System::load_app_model('admin_model', G_ADMIN_DIR); if ($uid && $ashell) { $CheckId = _encrypt($uid, 'DECODE'); $CheckAshell = _encrypt($ashell, 'DECODE'); } else { $CheckId = _encrypt(_getcookie("AID"), 'DECODE'); $CheckAshell = _encrypt(_getcookie("ASHELL"), 'DECODE'); } if (!$CheckId || !$CheckAshell) { return false; } $info = $this->db->GetOne("SELECT * FROM `@#_admin` WHERE `uid` = '{$CheckId}'"); if (isset($_POST['dosubmit']) || isset($_POST['submit-1'])) { if ($info[mid] == '1') { _message("测试帐号无修改权限!"); } } if (!$info) { return false; } $infoshell = md5($info['username'] . $info['userpass']) . md5($_SERVER['HTTP_USER_AGENT']); if ($infoshell != $CheckAshell) { return false; } $this->AdminInfo = $info; return true; }
public function insert() { $msg = array(); $path = isset($_POST['path']) ? _encrypt($_POST['path'], 'DECODE') : ''; $size = isset($_POST['size']) ? _encrypt($_POST['size'], 'DECODE') : 0; $type = isset($_POST['type']) ? _encrypt($_POST['type'], 'DECODE') : 'image'; $type = explode(',', $this->getUPtype($type, true)); $watermark = $_POST['iswatermark'] == "true" ? "yes" : "no"; if (!is_dir(G_UPLOAD . $path)) { $msg['ok'] = 'no'; $msg['text'] = $path . "文件夹不存在"; echo json_encode($msg); exit; } System::load_app_class("admin", G_ADMIN_DIR, "no"); $admincheck = admin::StaticCheckAdminInfo() ? 1 : 0; if (is_array($_FILES['Filedata'])) { System::load_sys_class('upload', 'sys', 'no'); upload::upload_config($type, $size, $path); upload::go_upload($_FILES['Filedata'], $watermark); if (!upload::$ok) { $msg['ok'] = 'no'; $msg['text'] = upload::$error; } else { $msg['ok'] = 'yes'; $msg['text'] = $path . '/' . upload::$filedir . "/" . upload::$filename; } echo json_encode($msg); } }
public function card_addmoney() { $czknum = htmlspecialchars($_POST['czknum']); $password = htmlspecialchars($_POST['password']); if (empty($czknum) or empty($password)) { _message("您尚未填写卡密信息"); } $czkdata = $this->db->GetList("select * from `@#_czk` where `status` = '1' AND czknum='{$czknum}' AND password='******'"); if (!$czkdata) { _message("卡号或卡密不正确"); } $czkdata = $czkdata[0]; $uid = intval(_encrypt(_getcookie("uid"), 'DECODE')); //查询用户信息 if ($czkdata['type'] == 1) { $members = $this->db->GetList("select * from `@#_member` where uid='{$uid}'"); $money = $czkdata['mianzhi'] + $members[0]['money']; $this->db->Query("UPDATE `@#_member` SET money='{$money}' where `uid`='{$uid}' "); } else { $members = $this->db->GetList("select * from `@#_member` where uid='{$uid}' and tyczk='0'"); if (empty($members)) { _message("卡密不存在或者已经参与此活动!"); die; } $money = $czkdata['mianzhi'] + $members[0]['money']; $this->db->Query("UPDATE `@#_member` SET money='{$money}',tyczk='1' where `uid`='{$uid}' "); } $this->db->Query("UPDATE `@#_czk` SET status='0' where czknum='{$czknum}' AND password='******' "); $time = time(); $this->db->Query("INSERT INTO `@#_member_account`(uid,type,pay,content,money,time)VALUES('{$uid}','1','账户','充值卡','{$czkdata['mianzhi']}','{$time}')"); _message("充值成功!"); }
public function __construct() { if (ROUTE_M == 'member' && ROUTE_C == 'user' && ROUTE_A == 'login') { return; } if (ROUTE_M == 'member' && ROUTE_C == 'user' && ROUTE_A == 'register') { return; } $uid = intval(_encrypt(_getcookie("uid"), 'DECODE')); $utype = _encrypt(_getcookie("utype"), 'DECODE'); $ushell = _encrypt(_getcookie("ushell"), 'DECODE'); if ($utype === NULL) { $this->HeaderLogin(); } if (!$uid) { $this->HeaderLogin(); } $this->userinfo = $this->DB()->GetOne("SELECT * from `@#_member` where `uid` = '{$uid}'"); if (!$this->userinfo) { $this->HeaderLogin(); } $shell = md5($this->userinfo['uid'] . $this->userinfo['password'] . $this->userinfo[$utype]); if ($ushell != $shell) { $this->HeaderLogin(); } }
public function insert() { $msg = array(); $path = isset($_POST['path']) ? _encrypt($_POST['path'], 'DECODE') : ''; $size = isset($_POST['size']) ? _encrypt($_POST['size'], 'DECODE') : 0; $type = isset($_POST['type']) ? _encrypt($_POST['type'], 'DECODE') : 'image'; $type = explode(',', $this->getUPtype($type, true)); if (!is_dir(G_UPLOAD . $path)) { $msg['ok'] = 'no'; $msg['text'] = $path . "文件夹不存在"; echo json_encode($msg); exit; } if (is_array($_FILES['Filedata'])) { System::load_sys_class('upload', 'sys', 'no'); upload::upload_config($type, $size, $path); upload::go_upload($_FILES['Filedata']); if (!upload::$ok) { $msg['ok'] = 'no'; $msg['text'] = upload::$error; } else { $msg['ok'] = 'yes'; $msg['text'] = $path . '/' . upload::$filedir . "/" . upload::$filename; } echo json_encode($msg); } }
public function Tdefault() { $info = $this->AdminInfo; $SysInfo = GetSysInfo(); $SysInfo['MysqlVersion'] = $this->db->GetVersion(); $versions = System::load_sys_config("version"); $banben_arr = explode(",", _encrypt(G_BANBEN_TYPE, "DECODE", "G_BANBEN_TYPE")); $banben_num = G_BANBEN_NUMBER; if (isset($banben_arr[$banben_num])) { $banben_txt = $banben_arr[$banben_num]; } else { if (G_BANBEN_NUMBER == -1) { $banben_txt = base64_decode("5pyq5o6I5p2D"); } else { if (G_BANBEN_NUMBER == -2) { $banben_txt = base64_decode("5o6I5p2D5Yiw5pyf"); } else { $banben_txt = base64_decode("5pyq5o6I5p2D"); } } } $yungou_alert = file_get_contents("http://www.baidu.com"); $text = $banben_txt; //$catelen = $this->db->count(); include $this->tpl(ROUTE_M, 'admin.default'); }
public function setUp() { db_delete_multi('document'); db_delete_multi('post_image'); db_delete_multi('post'); db_delete_multi('category'); db_delete_multi('lc_sessions'); db_delete_multi('user'); db_insert('user', array('fullName' => 'Administrator', 'uid' => 1, 'username' => 'admin', 'password' => _encrypt('admin'), 'email' => '*****@*****.**', 'role' => 'admin', 'isMaster' => 1)); }
function spcook($me) { $mysql_model = System::load_sys_class('model'); $uid = _encrypt(_getcookie('uid'), 'DECODE'); $member = $mysql_model->GetOne("select * from `@#_member` where `uid`='" . $uid . "'"); if ($me == "pic") { $img = explode(".", $member['img']); return $img[1]; } else { return $member[$me]; } }
public function cook() { $mysql_model = System::load_sys_class('model'); $uid = _encrypt(_getcookie('uid'), 'DECODE'); $member = $mysql_model->GetOne("select * from `@#_member` where `uid`='" . $uid . "'"); if (!$member) { $lei = $this->segment(2); $funct = $this->segment(3); //echo $lei; header("location:" . WEB_PATH . "home/user/login?lei=" . $lei . "&funct=" . $funct); exit; } else { return $member; } }
/** * 发送用户验证邮箱 * email @用户邮箱地址 * uid @用户的ID */ function send_email_reg($email = null, $uid = null) { $db = System::load_sys_class('model'); $checkcode = _getcode(10); $checkcode_sql = $checkcode['code'] . '|' . $checkcode['time']; $check_code = serialize(array("email" => $email, "code" => $checkcode['code'], "time" => $checkcode['time'])); $check_code_url = _encrypt($check_code, "ENCODE", '', 3600 * 24); $clickurl = WEB_PATH . '/member/user/emailok/' . $check_code_url; $db->Query("UPDATE `@#_member` SET `emailcode`='{$checkcode_sql}' where `uid`='{$uid}'"); $web_name = _cfg("web_name"); $title = _cfg("web_name") . "激活注册邮箱"; $template = $db->GetOne("select * from `@#_caches` where `key` = 'template_email_reg'"); $url = '<a href="'; $url .= $clickurl . '">'; $url .= $clickurl . "</a>"; $template['value'] = str_ireplace("{地址}", $url, $template['value']); return _sendemail($email, '', $title, $template['value']); }
public function __construct() { $this->mysql_model = System::load_sys_class('model'); $this->userid = intval(_encrypt(_getcookie("uid"), 'DECODE')); //获取当前客户的基本信息 (积分、剩余金额等) $this->userinfo = $this->mysql_model->GetOne("SELECT * from `@#_member` where `uid` = '{$this->userid}'"); $curtime = time(); /* if(!$this->userid){ _message("你还未登录,无权限访问该页!",WEB_PATH."/member/user/login"); } */ //显示当前抽奖第几期 $this->ruleinfo = $this->mysql_model->GetOne("select * from `@#_egglotter_rule` where `starttime`<='{$curtime}' and `endtime`>='{$curtime}' and `startusing`=1"); $this->username = $this->userinfo['username']; $rule_id = $this->ruleinfo['rule_id']; if (!$this->ruleinfo) { _message("没有设置游戏"); } //产看当期奖品 $this->spoilinfo = $this->mysql_model->GetList("select * from `@#_egglotter_spoil` where `rule_id`='{$rule_id}'"); }
protected function checkuser($uid, $ushell) { $uid = intval(_encrypt($uid, 'DECODE')); $ushell = _encrypt($ushell, 'DECODE'); if (!$uid) { return false; } if ($ushell === NULL) { return false; } $this->userinfo = $this->db->GetOne("SELECT * from `@#_member` where `uid` = '{$uid}'"); if (!$this->userinfo) { $this->userinfo = false; return false; } $shell = md5($this->userinfo['uid'] . $this->userinfo['password'] . $this->userinfo['mobile'] . $this->userinfo['email']); if ($ushell != $shell) { $this->userinfo = false; return false; } else { return true; } }
static final function StaticCheckAdminInfo($uid = null, $ashell = null) { $db = System::load_app_model('admin_model', G_ADMIN_DIR); if ($uid && $ashell) { $CheckId = _encrypt($uid, 'DECODE'); $CheckAshell = _encrypt($ashell, 'DECODE'); } else { $CheckId = _encrypt(_getcookie("AID"), 'DECODE'); $CheckAshell = _encrypt(_getcookie("ASHELL"), 'DECODE'); } if (!$CheckId || !$CheckAshell) { return false; } $info = $db->GetOne("SELECT * FROM `@#_admin` WHERE `uid` = '{$CheckId}'"); if (!$info) { return false; } $infoshell = md5($info['username'] . $info['userpass']) . md5($_SERVER['HTTP_USER_AGENT']); if ($infoshell != $CheckAshell) { return false; } return $info; }
public function __construct() { $this->userid = intval(_encrypt(_getcookie("uid"), 'DECODE')); }
public function mobilecheck() { $title = "手机认证 - " . _cfg("web_name"); $check_code = _encrypt($this->segment(4), "DECODE"); $check_code = @unserialize($check_code); if (!$check_code || !isset($check_code['name']) || !isset($check_code['time'])) { _message("参数不正确或者验证已过期!", WEB_PATH . '/register'); } $name = $check_code['name']; $member = $this->db->GetOne("SELECT * FROM `@#_member` WHERE `reg_key` = '{$check_code['name']}' and `time` = '{$check_code['time']}' LIMIT 1"); if (!$member) { _message("未知的来源!", WEB_PATH . '/register'); } if ($member['mobilecode'] == '1') { _message("该账号验证成功", WEB_PATH . "/login"); } if ($member['mobilecode'] == '-1') { $sendok = send_mobile_reg_code($member['reg_key'], $member['uid']); if ($sendok[0] != 1) { _message($sendok[1]); } header("location:" . WEB_PATH . "/member/user/mobilecheck/" . $this->segment(4)); exit; } if (isset($_POST['submit'])) { $checkcodes = isset($_POST['checkcode']) ? $_POST['checkcode'] : _message("参数不正确!"); if (strlen($checkcodes) != 6) { _message("验证码输入不正确!"); } $usercode = explode("|", $member['mobilecode']); if ($checkcodes != $usercode[0]) { _message("验证码输入不正确!"); } $fili_cfg = System::load_app_config("user_fufen"); if ($member['yaoqing']) { $time = time(); $yaoqinguid = $member['yaoqing']; //福分、经验添加 if ($fili_cfg['f_visituser']) { $this->db->Query("insert into `@#_member_account` (`uid`,`type`,`pay`,`content`,`money`,`time`) values ('{$yaoqinguid}','1','福分','邀请好友奖励','{$fili_cfg['f_visituser']}','{$time}')"); } $this->db->Query("UPDATE `@#_member` SET `score`=`score`+'{$fili_cfg['f_visituser']}',`jingyan`=`jingyan`+'{$fili_cfg['z_visituser']}' where uid='{$yaoqinguid}'"); } $check = $this->db->Query("UPDATE `@#_member` SET mobilecode='1',mobile='{$member['reg_key']}' where `uid`='{$member['uid']}'"); _message("验证成功", WEB_PATH . "/login"); } $enname = substr($name, 0, 3) . '****' . substr($name, 7, 10); $time = 120; $namestr = $this->segment(4); include templates("user", "mobilecheck"); }
public function mobileregsn() { $mobile = safe_replace($this->segment(4)); $checkcodes = $this->segment(5); $member = $this->db->GetOne("SELECT * FROM `@#_member` WHERE `mobile` = '{$mobile}' LIMIT 1"); if (strlen($checkcodes) != 6) { //_message("验证码输入不正确!"); $mobileregsn['state'] = 1; echo json_encode($mobileregsn); exit; } $usercode = explode("|", $member['mobilecode']); if ($checkcodes != $usercode[0]) { //_message("验证码输入不正确!"); $mobileregsn['state'] = 1; echo json_encode($mobileregsn); exit; } $this->db->Query("UPDATE `@#_member` SET mobilecode='1' where `uid`='{$member['uid']}'"); _setcookie("uid", _encrypt($member['uid']), 60 * 60 * 24 * 7); _setcookie("ushell", _encrypt(md5($member['uid'] . $member['password'] . $member['mobile'] . $member['email'])), 60 * 60 * 24 * 7); $mobileregsn['state'] = 0; $mobileregsn['str'] = 1; echo json_encode($mobileregsn); }
function wx_callback() { session_start(); if ($_GET["state"] != $_SESSION["wxState"]) { _messagemobile("登录验证失败!", "" . $wx_set['back'] . "/?/mobile/user/login"); } $this->db = System::load_sys_class('model'); $wx_set = $this->db->GetOne("SELECT * from `@#_wxset` "); $code = $_GET["code"]; $procode = $this->segment(4); file_put_contents('t.txt', "\n\r\r\n-----procode:" . $procode, FILE_APPEND); $response = file_get_contents("https://api.weixin.qq.com/sns/oauth2/access_token?appid=" . $wx_set['appid'] . "&secret=" . $wx_set['secret'] . "&code={$code}&grant_type=authorization_code"); $jsondecode = json_decode($response, true); $wx_openid = $jsondecode["openid"]; if (empty($wx_openid)) { _messagemobile("绑定出错,请联系管理员。"); die; } $access_token = $jsondecode["access_token"]; $response = file_get_contents("https://api.weixin.qq.com/sns/userinfo?access_token={$access_token}&openid={$wx_openid}"); $jsondecode = json_decode($response, true); $nickname = $jsondecode["nickname"]; $go_user_info = $this->db->GetOne("select * from `@#_member_band` where `b_code` = '{$wx_openid}' and `b_type` = 'weixin' LIMIT 1"); if (!$go_user_info) { $userpass = md5("123456"); $go_user_img = 'photo/member.jpg'; $go_user_time = time(); $q1 = $this->db->Query("INSERT INTO `@#_member` (`username`,`password`,`img`,`band`,`time`,`money`,`first`,code) VALUES ('{$nickname}','{$userpass}','{$go_user_img}','weixin','{$go_user_time}',0,1,'{$procode}')"); $uid = $this->db->insert_id(); $this->db->Query("INSERT INTO `@#_member_band` (`b_uid`, `b_type`, `b_code`, `b_time`) VALUES ('{$uid}', 'weixin', '{$wx_openid}', '{$go_user_time}')"); $member = $this->db->GetOne("select uid,password,mobile,email from `@#_member` where `uid` = '{$uid}' LIMIT 1"); $se1 = _setcookie("uid", _encrypt($member['uid']), 60 * 60 * 24 * 7); $se2 = _setcookie("ushell", _encrypt(md5($member['uid'] . $member['password'] . $member['mobile'] . $member['email'])), 60 * 60 * 24 * 7); $callback_url = WEB_PATH . "/mobile/home/mobilebind"; header("Location:{$callback_url}"); } else { $uid = $go_user_info["b_uid"]; $member = $this->db->GetOne("select uid,password,mobile,email from `@#_member` where `uid` = '{$uid}' LIMIT 1"); $se1 = _setcookie("uid", _encrypt($member['uid']), 60 * 60 * 24 * 7); $se2 = _setcookie("ushell", _encrypt(md5($member['uid'] . $member['password'] . $member['mobile'] . $member['email'])), 60 * 60 * 24 * 7); if (!$member['mobile']) { $callback_url = WEB_PATH . "/mobile/home/mobilebind"; header("Location:{$callback_url}"); } else { $callback_url = WEB_PATH . "/mobile/activity/"; header("Location:{$callback_url}"); } } }
private function qq_set_member($uid = null, $type = 'bind_add_login') { $member_db = System::load_app_class('base', 'member'); $memberone = $member_db->get_user_info(); if ($memberone) { _message("该QQ号已经被其他用户所绑定!", WEB_PATH . '/login'); } $member = $this->db->GetOne("select uid,password,mobile,email from `@#_member` where `uid` = '{$uid}' LIMIT 1"); $_COOKIE['uid'] = null; $_COOKIE['ushell'] = null; $_COOKIE['UID'] = null; $_COOKIE['USHELL'] = null; $s1 = _setcookie("uid", _encrypt($member['uid']), 60 * 60 * 24 * 7); $s2 = _setcookie("ushell", _encrypt(md5($member['uid'] . $member['password'] . $member['mobile'] . $member['email'])), 60 * 60 * 24 * 7); if ($s1 && $s2) { if (!$member['email'] || !$member['mobile']) { _message("登录成功,请绑定邮箱或手机号和及时修改默认密码!", WEB_PATH . '/member/home/modify'); } _message("登录成功!", G_WEB_PATH); } else { _message("登录失败请检查cookie!", G_WEB_PATH); } }
/** * Form token generation * @return void */ public static function token() { $token = _encrypt(time()); session_set(_cfg('formTokenName'), $token); echo '<input type="hidden" name="lc_formToken_' . _cfg('formTokenName') . '" value="' . $token . '" />'; }
?> ', 'token' : '<?php echo md5('unique_salt' . time()); ?> ', 'type' : '<?php echo _encrypt($type); ?> ', 'path' : '<?php echo _encrypt($path); ?> ', 'size' : '<?php echo _encrypt($size); ?> ', 'check' : '<?php echo $check; ?> ' }, 'auto' : true, 'method' : 'post', 'multi' : true, 'swf' : '<?php echo G_PLUGIN_PATH; ?> /uploadify/uploadify.swf', 'uploader' : '<?php
function qznum() { $mysql_model = System::load_sys_class('model'); $uid = _encrypt(_getcookie('uid'), 'DECODE'); $member = $mysql_model->GetOne("select * from `@#_member` where `uid`='{$uid}'"); $addgroup = rtrim($member['addgroup'], ","); if ($addgroup) { $group = $mysql_model->GetList("select * from `@#_quanzi` where `id` in ({$addgroup})"); return count($group); } else { $group = null; return false; } }
function get_user_arr($key = '', $where = '') { global $_cfg; if (isset($_cfg['userinfo'])) { return $_cfg['userinfo']; } if (empty($where)) { $where = 'uid,username,password,email,mobile,img'; } else { $where = 'uid,username,password,email,mobile,img,' . $where; } $db = System::load_sys_class("model"); $uid = abs(intval(_encrypt(_getcookie("uid"), 'DECODE'))); $ushell = _encrypt(_getcookie("ushell"), 'DECODE'); if (!$uid) { return false; } $_cfg['userinfo'] = $db->GetOne("SELECT {$where} FROM `@#_member` WHERE `uid` = '{$uid}'"); if (!$_cfg['userinfo']) { return false; } $shell = md5($_cfg['userinfo']['uid'] . $_cfg['userinfo']['password'] . $_cfg['userinfo']['mobile'] . $_cfg['userinfo']['email']); if ($ushell != $shell) { return false; } if (empty($key)) { return $_cfg['userinfo']; } elseif (isset($_cfg['userinfo']['key'])) { return $_cfg['userinfo']['key']; } else { return false; } }
function Authenticate($username, $password, $postpass, $accesslevel, $db) { //this is the guts of the class - does all the actual authentication work. set $is_auth = true if successful if ($postpass != $password) { $this->failuremsg = "password"; $this->is_auth = false; return $this->is_auth; } elseif ($postpass == $password) { $data = array('user' => $username, 'pass' => $password, 'access_level' => $accesslevel, 'sessid' => $this->sessid); $string = serialize($data); $info = _encrypt($string); $res = $db->execute("insert into auth_sessions (sessid,crypt_data,sess_time) values (?,?,now())", array($this->sessid, $info)); $is_auth = true; $this->sessdata = $data; return $this->is_auth; } else { $this->failuremsg = "unknown issue"; $this->is_auth = false; return $this->is_auth; } }
<script> $(function(){ $("#referDocument li").bind({ mouseover:function(){ var number=$("#referDocument li").index(this)+1; $(".S0"+number).removeClass("hidden"); }, mouseout:function(){ var number=$("#referDocument li").index(this)+1; $(".S0"+number).addClass("hidden"); } }) }) </script> <?php $uid = _encrypt(get_user_uid()); ?> <div class="part1"> <div class="wrap"></div> </div> <div class="part2 wrap"></div> <div class="part3 wrap"></div> <div class="part4 "> <div class="wrap"> <!--活动规则 start--> <dl class="activeRegulation fl"> <dt>活动规则:</dt> <dd> <i>1</i>您每邀请一位好友成功参与<?php echo _cfg('web_name_two'); ?>
<?php $success = false; $error = false; if (sizeof($_POST)) { $post = _post($_POST); extract($post); # NEW/EDIT $validations = array('txtUsername' => array('caption' => _t('Username'), 'value' => $txtUsername, 'rules' => array('mandatory')), 'txtPwd' => array('caption' => _t('Password'), 'value' => $txtPwd)); if (form_validate($validations)) { $args = array(); $user = db_select('user', 'u')->where()->condition('LOWER(username)', strtolower($txtUsername))->getSingleResult(); if ($user) { if ($user->username === 'admin' && $user->isMaster || $user->password && $user->password == _encrypt($txtPwd)) { $success = true; unset($user->password); # Create the Authentication object auth_create($user->uid, $user); } else { # Other follow-up errors checkup (if any) validation_addError('Password', _t('Password does not match.')); $error = true; } } else { # Other follow-up errors checkup (if any) validation_addError('Username', 'Username does not exists.'); $error = true; } if ($error) { form_set('error', validation_get('errors')); }
public function resetpassword() { if (isset($_POST['submit'])) { $key = $_POST["hidKey"]; $password = md5($_POST["userpassword"]); $checkcode = explode("|", _encrypt($key, "DECODE")); if (count($checkcode) != 3) { _message("未知错误", NULL, 3); } $emailurl = explode("@", $checkcode[0]); if ($emailurl[1]) { $sql = "select * from `@#_member` where `email`='{$checkcode['0']}' AND `passcode`= '{$checkcode['1']}|{$checkcode['2']}' LIMIT 1"; } else { $sql = "select * from `@#_member` where `mobile`='{$checkcode['0']}' AND `passcode`= '{$checkcode['1']}|{$checkcode['2']}' LIMIT 1"; } $member = $this->DB()->GetOne($sql); if (!$member) { _message("未知错误!"); } $this->DB()->Query("UPDATE `@#_member` SET `password`='{$password}',`passcode`='-1' where `uid`='{$member['uid']}'"); _message("密码重置成功", WEB_PATH . "/member/user/login"); } }
private function qq_set_member($uid = null, $type = 'bind_add_login') { $member_db = System::load_app_class('base', 'member'); $memberone = $member_db->get_user_info(); if ($memberone) { _message("该QQ号已经被其他用户所绑定!", WEB_PATH . '/login'); } $member = $this->db->GetOne("select uid,password,mobile,email from `@#_member` where `uid` = '{$uid}' LIMIT 1"); $_COOKIE['uid'] = null; $_COOKIE['ushell'] = null; $_COOKIE['UID'] = null; $_COOKIE['USHELL'] = null; $time = time(); $user_ip = _get_ip_dizhi(); $this->db->GetOne("UPDATE `@#_member` SET `user_ip` = '{$user_ip}',`login_time` = '{$time}' where `uid` = '{$uid}'"); $s1 = _setcookie("uid", _encrypt($member['uid']), 60 * 60 * 24 * 7); $s2 = _setcookie("ushell", _encrypt(md5($member['uid'] . $member['password'] . $member['mobile'] . $member['email'])), 60 * 60 * 24 * 7); $domain = System::load_sys_config('domain'); if (isset($domain[$_SERVER['HTTP_HOST']])) { if ($domain[$_SERVER['HTTP_HOST']]['m'] == 'mobile') { $callback_url = WEB_PATH . "/mobile/home"; } else { $callback_url = WEB_PATH . "/member/home"; } } else { $callback_url = WEB_PATH . "/member/home"; } if ($s1 && $s2) { if (!$member['email'] || !$member['mobile']) { _message("登录成功,请绑定邮箱或手机号和及时修改默认密码!", $callback_url); } _message("登录成功!", $callback_url); } else { _message("登录失败请检查cookie!", G_WEB_PATH); } }
public function login() { if (isset($_POST['ajax'])) { $location = WEB_PATH . '/' . ROUTE_M . '/index'; $message = array("error" => false, 'text' => $location); $username = $_POST['username']; $password = $_POST['password']; $code = strtoupper($_POST['code']); if (empty($username)) { $message['error'] = true; $message['text'] = "请输入用户名!"; echo json_encode($message); exit; } if (empty($password)) { $message['error'] = true; $message['text'] = "请输入密码!"; echo json_encode($message); exit; } $info = $this->db->GetOne("SELECT * FROM `@#_admin` WHERE `username` = '{$username}' LIMIT 1"); if (!$info) { $message['error'] = true; $message['text'] = "登录失败,请检查用户名或密码!"; echo json_encode($message); exit; } if ($info['userpass'] != md5($password)) { $message['error'] = true; $message['text'] = "登陆失败!"; echo json_encode($message); exit; } if (!$message['error']) { _setcookie("AID", _encrypt($info['uid'], 'ENCODE')); _setcookie("ASHELL", _encrypt(md5($info['username'] . $info['userpass']) . md5($_SERVER['HTTP_USER_AGENT']))); $this->AdminInfo = $info; $time = time(); $ip = _get_ip(); $this->db->Query("UPDATE `@#_admin` SET `logintime`='{$time}' WHERE (`uid`='{$info['uid']}')"); $this->db->Query("UPDATE `@#_admin` SET `loginip`='{$ip}' WHERE (`uid`='{$info['uid']}')"); } echo json_encode($message); exit; } else { include $this->tpl(ROUTE_M, 'user.login'); } }
public function mobilecheck() { $member = $this->userinfo; if (isset($_POST['submit'])) { $shoujimahao = base64_decode(_getcookie("mobilecheck")); if (!_checkmobile($shoujimahao)) { _messagemobile("手机号码错误!"); } $checkcodes = isset($_POST['mobile']) ? $_POST['mobile'] : _messagemobile("参数不正确!"); if (strlen($checkcodes) != 6) { _messagemobile("验证码输入不正确!"); } $usercode = explode("|", $member['mobilecode']); if ($checkcodes != $usercode[0]) { _messagemobile("验证码输入不正确!"); } $this->db->Query("UPDATE `@#_member` SET `mobilecode`='1',`mobile` = '{$shoujimahao}' where `uid`='{$member['uid']}'"); //夺宝币、经验添加 $isset_user = $this->db->GetList("select `uid` from `@#_member_account` where `content`='手机认证完善奖励' and `type`='1' and `uid`='{$member['uid']}' and (`pay`='经验' or `pay`='夺宝币')"); if (empty($isset_user)) { $config = System::load_app_config("user_fufen"); //夺宝币/经验 $time = time(); $this->db->Query("insert into `@#_member_account` (`uid`,`type`,`pay`,`content`,`money`,`time`) values ('{$member['uid']}','1','夺宝币','手机认证完善奖励','{$config['f_phonecode']}','{$time}')"); $this->db->Query("insert into `@#_member_account` (`uid`,`type`,`pay`,`content`,`money`,`time`) values ('{$member['uid']}','1','经验','手机认证完善奖励','{$config['z_phonecode']}','{$time}')"); $this->db->Query("UPDATE `@#_member` SET `score`=`score`+'{$config['f_phonecode']}',`jingyan`=`jingyan`+'{$config['z_phonecode']}' where uid='" . $member['uid'] . "'"); } _setcookie("uid", _encrypt($member['uid'])); _setcookie("ushell", _encrypt(md5($member['uid'] . $member['password'] . $member['mobile'] . $member['email']))); //夺宝币、经验添加 $isset_user = $this->db->GetOne("select `uid` from `@#_member_account` where `pay`='手机认证完善奖励' and `type`='1' and `uid`='{$member['uid']}' or `pay`='经验'"); if (empty($isset_user)) { $config = System::load_app_config("user_fufen"); //夺宝币/经验 $time = time(); $this->db->Query("insert into `@#_member_account` (`uid`,`type`,`pay`,`content`,`money`,`time`) values ('{$member['uid']}','1','夺宝币','手机认证完善奖励','{$config['f_overziliao']}','{$time}')"); $this->db->Query("insert into `@#_member_account` (`uid`,`type`,`pay`,`content`,`money`,`time`) values ('{$member['uid']}','1','经验','手机认证完善奖励','{$config['z_overziliao']}','{$time}')"); $mysql_model->Query("UPDATE `@#_member` SET `score`=`score`+'{$config['f_overziliao']}',`jingyan`=`jingyan`+'{$config['z_overziliao']}' where uid='" . $member['uid'] . "'"); $this->db->Query("UPDATE `@#_member` SET score='100' where `uid`='{$member['uid']}'"); } echo "<script type='text/javascript'>alert('验证成功,请重新登录');</script>"; //_messagemobile("验证成功,请重新登录!",WEB_PATH."/mobile/home"); } else { _messagemobile("页面错误", null, 3); } }